Network Management week#1

8/10/2019 Network Management week#1

1/23

1

Northwestern Polytechnic University

1

CS 565 Network Management

Dr. Qingsong Zhang


2

Class Notice:

13 weeks. Every Wed. 6:00 pm

Text book: SNMP, SNMPv2, SNMPv3,

and RMON 1 and 2.

You are required to attend all the

classes.

CS470, CS503 prerequisite.


3

Why manage?

Enterprise networks are becoming increasingly

distributed and complex environments due to a

number of factors:

The rapidly increasing number of network nodesexponentially increases network complexity;

IS managers must be masters of more domains, as theirremit includes managing network traffic across

expensive WAN pipes, as well as LANs, VLANs andVPNs;

Increasing use of delay-sensitive, bandwidth intensiveapplications such as video-conferencing, adds a new

dimension to network management;


4

Why manage?

Networks are now mission critical for the vast majority

of enterprises;

The efficiencies of the network are more visible to

customers and clients than ever before with the advent

of e-commerce.

QoS: Bandwidth, delay, recovery.

So, Why management?

More complex network.

Downtime costs real money.

QoS: Bandwidth, delay, recovery.


5

Course Goals

Rapid development in computer and data

networking technology.

Explosion in the variety of equipment and

networks offered by vendors. Fundamental to the operation of such tools and

applications in a multivendor environment are

standardized techniques for representing and

exchanging information relating to network

management.


6

Course Goals, Cont.

Network management is one of thekeywords when it comes to build largeand heterogeneous networks.

Despite they use the word quite often,only few people know exactly what it reallymeans.

And still fewer people even designed andimplemented a management system or amanagement concept for a real network.


2/23

2


7

Course Goals, Cont.

A network can be managed on severaldifferent levels:

The lowest level is networkmaintenance.

The next level is called configurationmanagement.


8

Network Management

This is where decisions are made involving theplanning of the physical and logicalconstruction of the network.

The configuration is defined by the deviceconnected to the network, how they areconnected, and what is used to connect them.

Configuration decisions include how tosegment the routers, what kind of systemmanagement software to use on the hosts,whether to provide fixed IP address or use aDHCP server, and how we convince the peoplein finance that we need T1 service for ourinternet connection.


9

Network Management

Anger one of these people, and theyllconfigure the router on your segment toswallow all packets originating from yourworkstation--and they claim for days that theyare working on the problem.

Next higher level is the networkadministrators. A netadmin is eitherchasing or being chased


10

Network Management

The highest level is

the network users themselves

the most helpless managers of anynetwork.

The real network manager just want tokeep the users from accidentally (orpurposely) screwing up the network.


11

Course Goals, Cont.

Give you a solid fundament of networkmanagement theory that enables you tofind a quick entrance to any aspect ofnetwork management practice, forexample development of managementsystems, research issues and findingmanagement concepts for existing or newnetworks.

How to Manage?

Manage by hand

Still usual in many small and medium

sized LANs.

Admin can only react when a faultoccurs.

Difficult to handle when network grows.

Demand for a skilled operator on every

location.

Slow and expensive when network becomes

larger and/or more complexNorthwestern Polytechnic University

12


3/23

3

Centralized Management

Less personnel

Faster reaction

No need to go "on location"

Effect on the rest of the network can be

monitored

No isolated view on one device only

Most interesting in WANs


13


Two Options:

Connecting a pool of central console to

each deviceStill done in mainframe environments and in very

critical areas

Often in conjunction with a switch matrix

Expensive

Very bad flexibility, bas scalability

But still works when the network down!


14


Each device presents a management

entity that is accessible from the

networkObviously, the second alternative is primarily used today,

but the first is still an option

Example: extra remote console via a terminal serverfor important backbone systems

First systems of this kind were just as proprietary as the

consoles

Example: DEC LAT printer infrastructure

Still one central console for each class of devices

Creates "management islands"

In some areas this is still a major problem


15


16

Course Goals, Cont.

Give you a solid fundament of networkmanagement theory that enables you tofind a quick entrance to any aspect ofnetwork management practice, forexample development of managementsystems, research issues and findingmanagement concepts for existing or newnetworks.


17

Description

Review several protocols which are important for

network management.

Provide a comprehensive introduction to SNMP

based protocols, the construction of the

management information base (MIB).

Use RMON probes to monitor the network.

Emphasis on understanding how to retrieve data

elements and how to interpret the effect of values

retrieved.

Text book

SNMP, SNMPv2, SNMPV3 and RMON 1 and 2,

By William StallingsNorthwestern Polytechnic University

18


Dr. Qingsong Zhang

1. Network Management Fundamentals


4/23

4


19

Network Management

Fundamentals

Motivation

History

What exactly is network management

Discussion of several definitions

Roles of network management

Future developments


20

Motivation

The network and its associated

resources and distributed

applications become indispensable

to the organization.

More things can go wrong, disabling

the network or a portion of the

network or degrading performance to

an unacceptable level.


21

Motivation

Professional Support corporate planning and to provide

professional leadership in the technical area

Financial Is not an expense or cost center

Technical Provide additional services or add new users

Security

Provide services only to authorized users


22

OSI Functional Areas

Configuration management

Configuration and monitoring of resourcesfor normal operation

Fault management

Detection, localization and repair of faults

Performance management Performance measurements and

comparison with expected values


23


Performance management (cont.)

Detect approaching problems and

configuration mistakes

Network simulation (!)

Security management

Provision and configuration of security

services in the network

For example TACACS (+) for device access


24


Accounting

Logging and export of data for billing

Supervision of service access

Most important in carrier networks

But will become a subject in corporate networks also

(for Qos issues)

A real challenge: it's not easy

Most companies have to throw quite a lot of moneyinto this to get it working

Example: 75% of EWSD software is accounting


5/23

5


25

History

until 1970

management by hand with local operators

use of local consoles and service switches

and LEDs

1970-1980

first centralized management systems

proprietary


26

History

1981-1989

development of first international network

management standards

from 1987 first standard-conformant

products

example: SunNetManager (with many proprietary

additions)

coexistence with proprietary products


27

History

1989-today

further development of standards

especially for interworking of management

products and distributed management

slow progress

development of management frameworks

that are based on existing standards

ITU TMN, OSF/DME (R.I.P.), OMNIPoint

(small) improvements of interoperability

between different manufacturersNorthwestern Polytechnic University

28

History

Roots in the mainframe and

minicomputer era with computer

manufacturers and third-party

software developers producing

proprietary products in 1960s.

Interoperability problem resulted in

the development of a series of

standards. (SNMP, RMON, MIB,)


29

What is Network Management?

Access (within organizational policy

restrictions) to any of the network

resources at any time.

In other words, a user with thecorrect authorization should be able

to make use of any of the

organization (or Internets) network

resources at any time of the day or

night efficiently.


30

Definition

Network management is the process of

using hardware and software by trained

personnel to monitorthe status of network

equipment and transmission facilities;

question end users, vendors andcommunication carrier personnel; and

implement or recommend actions to

alleviate outage and/or improve

communication performance, as well as

conduct administrative tasks associated

with the operation of a network.


6/23

6


31

Role of Network Management

Critical in the business world.

Indispensable.

A network that always works becomes

increasingly important for more and more

companies and institutions

downtime costs real money

new multimedia applications put higher demands

on the infrastructure

QoS: bandwidth, delay, recovery


32

Future Development

Use of automated network management tools.

Tune the performance by itself.

Improve the security.

Web based management system.

Coexistence of different management standards and

frameworks

TMN will become more important

Combinations of different (distributed) management

systems in one network under a common GUI

Java-based

CORBA export functions (statistics, billing, event monitoring,

etc.)


33


Dr. Qingsong Zhang

2. Overview of Network Management Standards


34

Overview of Network

Management Standards

How todays standards were

developed?

Comparison: OSIMAN, SNMP, TMN

Other standards and developments

Basics - What are in common?


35

Standard

Several trends in the areas of data

processing and communications are

becoming more pronounced.

This evolution has created seriousproblems for network managers, it has

also resulted in the realization of the

necessity for network management

standards.


36

Standards develop history

Beginning stages: 1980s

SGMP - RFC1028 - to manage routers

HEMS - RFC1021, 1022, 1023 and 1024

CMIP

RFC1065, RFC1066, RFC1067, RFC1095


7/23

7


37


Growth and Progress: Early 1990s

RMON

UDP, OSI, IETF

SNMP began its integration into various

networks.


38


Moving toward the future: Mid- to Late

1990s

SNMPv2c: community-based.

SNMPv2u: user-based security.

SNMPv3: concurrent security and scalability

standardization.

RMON2: introduce the Meter MIB for traffic-

flow measurement.

RSVP: Resource Reservation Protocol


39


Moving toward the future: Mid- to Late

1990s

AgentX: SNMP agent extensibility Protocol

Master agents and subagents.

IPv6 MIB for TCP, UDP and ICMP.

MIB modules for ATM, DS1, E1, DS2, E2


40


41


42


Parent and superset of SNMP

Huge and complex

High development overhead and resourceusage

Inconvenient for small, simple devices

Designed (and used) for medium and large

networks

Network elements talk with management

system

OSIMAN:


8/23

8


43


Simple and easy to use

Very good for small devices

Subset of OSIMAN

Has serveral shortcomings that some-times

make life hard (esp. In larger networks)

Lack of proper security

Inconvenient notification mechanism, etc.

Based on device polling

SNMP:


44


Huge framework that is based on OSIMAN but

can also utilize SNMP

Designed for large carrier networks

Management information is separated from

user data

Use of own network or protocol overhead

Integrates higher levels of management

Service views, billing, etc.

The TMN:


45

Typical Use of Standards

LANs and end systems

practically SNMP only

WANs

IP devices (routers, etc.) SNMP only

ATM and FrameRelay switches SNMP in smaller systems and networks

OSIMAN for larger systems

integration into TMN in progress


46

Typical Use of Standards

WANs (continued)

carrier infrastructures (SDH, PDH, lineswitches, WDM, microwave systems,etc.)

some SNMP for smallest systems when notinstalled in a carrier network

examples: HDSL modems, Laserlink devices

bulk is OSIMAN-based TMN

and beware:

most TMN systems support SNMP


47


48

IEEE Management

IEEE developed the first

management standard in 1982/83

for LANs only

Layer 2 protocol

not useable across routers

primarily used for IBM LANs

large Token Rings with bridges

died in the middle of the 80s


9/23

9


49

Common Concepts

OSIMAN and SNMP basically share

the same terminology and

mechanisms

see history

management frameworks are divided

into two parts

information model

communication model


50

Information Model Basics

What do we want to manage?

network resources

How do we want to manage them?

by a computer application

So we need a model of the network

resources that is suitable for a

computer application.


51

Information Model Basics

What is interesting?

resource type (class)

e.g. network interface

things that are special about this resource

e.g. Ethernet or Token Ring

current parameters in use

current state

last state

performance data


52

Information Level

router or printer is difficult to

represent

we have to go down to basic data types

Integer, Character String, etc.

network address, byte counter

a surrounding structure is needed

to which element does this information

belong? (lots of detail information)

relationship to other data


53

Management Information Tree

as usual, we choose a tree structure

Management Information Tree (MIT)

MIT follows the hierarchies in the

network an in the network elements

example: network -> subnet ->

computer -> interfaces -> ethernet

interface 1 -> bytesOut (an Integer)


54

MIT: Small Example

Network

Subnet 1

BytesIn BytesOut

Ethernet 1

Status

Ethernet 2

Computer 2 Computer 3

Subnet 2Subnet 3

Computer 1


10/23

10


55

Management Information Tree

MIT models a whole network MIT data represents network state at the moment of

the MITs creation

MIT subtree in each network element is

called Management Information Base

(MIB) MIBs can be divided into functional parts that are

called MIBs also

full MIT is created by the management application


56

Communication Model Basics

management application needs access toMIB data

we need a way to address data in the MIB

path through the tree structure

we need a service and a protocol to transport

management data

so we also need a transport encoding

and we need two instances that

communicate

Manager and Agent


57

Communication Model Basics

Management

ApplicationsManager Agent

Resources

MIT/MIB

Manager

on the side of the

management application

Agent

on the side of the MIB (in

the network element)


58

Properties of a Manager

Interface between the management

applications and the network elements

coordinates management applications

accesses agents to receive management

information

is informed by the agents if something has

happened (good or bad)

usually one manager per network


59

Properties of an Agent

Answers requests of managers

Informs managers (notifications, alarms)

Access to resources Translation of a resource state into the

information model (transfer encoding)

Change of resource state and configuration by

request of a manager

Usually a piece of software that runs on

each network element


60

Transfer Encoding

Managers and agents (should) not need to

run on the same platform So we have to use a platform-independent

encoding

Choice: ASN.1 Abstract syntax notation one (X.680 ff.)

Data is transferred together with syntax information

Allows usual data types and simple data structures

(but can get quite complex)


11/23

11


61

Transfer Encoding

So we can transfer syntax and values

But we still cannot transfer semantics

The information in a MIB cannot change its

semantics during run-time

A formal mechanism to describe the

semantics of management information is

still missing

The are some suggestions

Research subject


62

Transfer Encoding

Semantics are described informally

by texts in the ASN.1 MIB definitions

Interpreted and implemented by

humans

Can be interpreted differently or simply

be misunderstood

Descriptions can get quite long


63


Dr. Qingsong Zhang

3. OSI Management


64

The OSI Standard Framework

Basic standard is ISO 7498-4 / ITU-T X.700

OSI basic reference model part 4: management

framework

Describes whole framework

OSI functional areas (see chapter 1)

ISO 10040 / ITU-t x.701 management

overview

Gives some additional information and clarifications


65

OSI Information Model

ISO/ITU-Standard Structure of

Management Information (SMI)

ISO 10165 / ITU-T X.720 and X.721

Object-oriented model

Managed Objects (MOs)

each MO is an instance of a MO class

all usual OO mechanisms supported

(multiple) inheritance, polymorphism, etc.


66

OSI Management Objects

each class consists of the following:

attributes (the management information)

at least one

accessed by the manager and monitored by the

agent

simple data types (Integer, Real, Boolean, and

Octet String; only constructor is SET OF)

access rights can be defined

a list of search functions that are allowed can be

given (see below)

semantics description by simple text


12/23

12


67

OSI Managed Objects

class contents (continued)

functions

parameters (attributes and simple types)

called by the manager

notifications

sent out to the manager(s) by the agent

have attributes as parameters

can be coupled with filter functions

set by the manager

for example to mask out certain alarms


68


class definition (in ASN.1)

use of class templates

inheritance from super classes

(only) addition of attributes, functionsand notifications

grouping of attributes, functions andnotifications into packages

only a whole package can be marked asoptional


69


Class definition and additional rules

and suggestions are described in

another standard

Guidelines for the Definition of

Managed Objects (GDMO)

usually this term is used instead of SMI

ISO 10165-4 / ITU-T X.722

integral part of the SMI


70


Class registration

Two hierarchies

Hierarchy one: the inheritance tree

Represents inheritance structure

Hierarchy two: the ISO registration tree

Defined in ASN.1

Each class has an object ID (OID) in theISO/ITU management classes subtree


71

Class Hierarchies

Top

Class 1 Class 2

Subclass 1 Subclass 2

Subclass 2.1 Subclass 2.2

Root

ISO ITU ISO/ITU

Mgmt

Classes

Top Class 2 Subcl. 2.1

Registration as OIDInheritance Hierarchy


72

The OSI Containment Tree

Mos are instances of MO classes

Multiple instances can exist anywhere in the MIT

MIT is called "Containment Tree" in this case

So we need an additional mechanism to address aMO

Path through the tree of MOs

Each MO has to have a name that is unique on the samelevel of a subtree

One attribute is selected for naming

The "Relative Distinguished Name" (RDN)


13/23

13


73

The OSI Containment Tree

The "distinguished Name" (DN) is the path

through the Containment Tree of a

network element

Consists of a concatenation of all RDNs along

the path beginning from the root

Similar to a absolute path name in UNIX

Used to address an object

This is quite similar to X.500

The ITU distributed directory service


74

OSI Containment Tree Example

DN:

Name="npu1"

Type="Ethernet"

ID="0"

Name="ByteOut"

SystemName="npu1"

InterfaceType="Loopback"

InterfaceType="Ethernet"

EthernetID="0"

EthernetID="1"

CounterName="ByteIn"

CounterName="ByteOut"


75

OSI communication Model

Common Management Information Service

(CMIS)

ISO 9595 / ITU-T X.710

Uses the Common Management Information

Protocol (CMIP)

ISO 9596 / ITU-T X.711 and X.712

Based on ACSE and ROSE

ACSE for access control

Every management operation is basically a remote

procedure call using ROSE


76

OSI CMIS

Defines 8 basic operations:

M-GET

Manager requests attribute values

Agent answers with a M-RESPONSE

M-CANCEL-GET

Manager cancels a GET-request

M-SET

Manager changes attribute values

M-ACTION

Manager calls a function of a MO


77

The OSI CMIS

Basic operations (continued)

M-CREATE

Manager dynamically creates a MO

i.e. the MIB changes during run-time

M-DELETE

Manager deletes a MO

M-EVENT-REPORT

Agents sends a notification of a MO

Notification must have passed the filter function


78

CMIS Filter Functions

Manager can use a "search function"

No need to specify the DN of a certain MO

Each request can be sent out with a filter

function

Evaluated by the agent

Filters out attribute values

Every attribute for which the search function is

allowed and the filter matches is sent back

Manager can cancel a running request

M-CANCEL-GET


14/23

14


79

CMIS Filter Functions

Filter can be focused on a subtree

Scoping

Filters can be concatenated with logical

operations

Agent can reject a filter that is too

complicated for him to handle

Everything very similar to X.500

But no support for distributed MIBs


80

Systems Management Functions

High-level functions for managementoperation

Based on the basic functions

Usually management applications usethe SMFs and do not directly access theCMIS

Defined in ISO 10164 (part 1-14) andITU-T X.730-X.742

Some additional function by ISO only


81

Systems Management Functions

Management

Application

Management

Application

Management

Application

Accounting

Meter

Workload

Monitoring

Test

ManagementSummarization

Log

Control

Security

Alarm Report

Security

Audit Trail

Access

Control

Object

Management

State

Management

Relationship

Management

Alarm

Reporting

Event Report

Management

Event Report Get Set Action

Create Delete Cancel-Get

CMIS

SystemManagementFunctions


82

OSIMAN Operation

Agents talk to manager

Only some availability polling

During normal operation

Network elements report events immediately

Very convenient for large networks

No careful selection of MOs

How many MOs can I poll how often before I

completely flood my network with management

information?

But we need quite powerful NEs


83

OSI Management Functional Areas

Fault/Problem Management Detection, localisation, and repair of the fault

Configuration/Name Management

configuration and monitoring of resources fornormal operation

Performance/Growth Management performance measurements and comparison with

expected values

detect approaching problems and configuration

mistakes

network simulation (!) Northwestern Polytechnic University84

OSI Management Functional Areas

Accounting/Cost Management logging and export of data for bill ing

supervision of service access

most important in carrier networks

but will become a subject in corporate networksalso (for QoS issues)

a real challenge: its not easy

most companies have to throw quite a lot of moneyinto this to get it working

example: 75% of EWSD software is accounting


15/23


16/23

16


91

Other Network Management Functions

Planning/Support Management

Enable network managers and

administrators to provide support for

current users, as well as plans for the

future.

Trend Analysis: Provides information

necessary for determining utilization

trends on both local and wide area

networks

Planning management processNorthwestern Polytechnic University

92

Summary

Network status

monitoring

Network Routing

Parameter

database

Configuration

control

Facility control

Configuration/

Change

Management

Event notification

Logging

Ticketing

Tracking

Isolation

Resolution

Fault/

Problem

Management

Monitoring

Statistical

analysis

Database

generation

and analysis

Reporting

Tuning

Performance/

Growth

Management

Authentication

of users

Maintaining

security

Encryption

Key Distribution

Audits

Traces

Security/

Access

Management

Issue orders

Recording

Reconciliation

of cost

algorithms

Assignment

of costs

Accounting

Cost

Management

Equipment

records

Facility

records

Personnel

records

Training

Asset

Management

Data collection

Requirements

analysis

Trend analysis

Modeling

Design

Optimization

Implementation

Planning

Support

Management

Network Management Functional Areas and Tasks


93

Network Management Systems

Collection of tools for network

monitoring and control.

Designed to view the entire network

as a unified architecture, with

address and labels assigned to each

point and the specific attributes of

each element and link known to the

system.


94

Network Management Configuration

Network control

host (manager)

NMA

NME Appl

Comm

OS

NME Appl

NME Appl

Comm

Comm

OS

OS

NME

Comm

OS

Workstation

(agent)

Server

(agent)

Router

(agent)

NMA = Network Management Applicat ion

NME = Network Management Ent ity

APPl = Applica tion

Comm = communicat ion sof twareOS = operating system

Elements of

a network management system


95

Network Management Software Architecture

Presentationof network management

informationto users

Network

management

application

Network

management

application

application

element

Network management data transport service

MIB

access

module

Communications

protocol

stack

application

element

application

element

Managed networksManagement

information

base

Unified

user

interface

User Presentation

Network Management

Communication

Database


96

Network Management Software Architecture

Presentationof network management

informationto users

Network

management

application

Network

management

application

application

element

Network management data transport service

MIB

access

module

Communications

protocol

stack

application

element

application

element

Managed networksManagement

information

base

Unified

user

interface

User Presentation

Network Management

Communication

Database


17/23

17


97

Distributed Network Management

Management server

Management

application MIB

Management server

Management

application MIB

Element

manager

Element

manager

Network

Network

Management

clients

Network resources

with management agents

Management

clients

Management

clients

Management

clients

Management

clients


98

Proxies

Management

applicationProxy manager

Server

stub

Client proxy

stub

Protocol

stack

Server proxy

stub

Proprietary management

interface

Client

stub

Protocol

stack

Protocol

stack

Protocol

stack

Standard operations

and event reports

Proprietary operations

and event reports


99

Network Management

Network Monitoring

Architecture

Performance

Fault

Accounting

Network Control

Configuration

SecurityNorthwestern Polytechnic University

100

Network Monitoring

Consists of three major design areas: Access to monit ored inform atio n: how to define

monitoring information, and how to get that

information from a resource to a manager.

Design of monitoring mechanisms: how best to

obtain information from resources.

App lic ation o f moni tor ed i nfo rmatio n: how the

monitored information is used in various

management functional areas.


101

Architecture

Information Static

Dynamic

Statistical

Configuration Application

Manager

Agent

Object

Polling and event reporting


102

Architecture

Organization of MIBStatistical

database

Dynamic

database

Static

database

Call_blocked Packet_Loss

Time_Delay Throughput

State_Variable

Event_Variable

Switch_Server

Buffer Source

Station_Info Server

Switch_Buffer

Switch_Source

Status_Sensor

Derived_Status_Sensor

Event_Sensor

Configuration Database

Sensor Database


18/23

18


103

Network-Monitoring Configurations

Monitoring

application

Manager

function

Agent

function

Managed

objects

Monitoring agent

Agent

function

Agent

function

Managed

objects

Managed

objects

Monitoring

application

Manager

function

. . .

(a) Manager-agent model

(b) A model for summarization


104

Polling and Event Reporting

Polling: Manager queries any

authorized agents and requests the

values of various information

elements.

Reporting: Manager, as a listener,

waits for incoming information.

A network-monitoring system will

typically employ both methods.


105

Polling and Event Reporting

Telecommunications Management

Systems (TMN) have traditionally

placed a very high reliance on event

reporting.

SNMP approach puts very little

reliance on event reporting.

OSI system management (OSIMAN)

tends to fall somewhere between

these extremes.Northwestern Polytechnic University

106

Performance Monitoring

Indicators One of the difficulties facing the network

manager is in the selection and use of the

appropriate indicators that measure the

networks performance.

Service-oriented measures

Specified service levels are maintained to the

satisfaction of the users.

Efficient-oriented measures

Meeting these requirements at minimum cost.


107

Performance indicators

Service-oriented

Availability The percentage of time that a network system, a component,or an application is available for a user.

Response

time

How long it takes for a response to appear at a users

terminal after a user action calls for it.

Accuracy The percentage of time that no errors occur in thetransmission and delivery of information

Efficiency-oriented

Throughput The rate at which application-oriented events (e.g.transaction messages, file transfers) occur.

Utilization The percentage of the theoretical capacity of a resource (e.g.multiplexer, transmission line, sw itch) that is b eing used.


108

Indicators

Availability The percentage of time that a network

system, component, or application is

available.

MTBF

MTBF + MTTRA =

A the availability

MTBF the mean time between failures

MTTR the mean time to repair


19/23

19


109

Configuration effects on the availability

A A

A

A(a) Serial

(b) Parallel

(A2)

(2A-A2)

The availability of a system depends on the availability of its

individual components plus the system organization.


110

Response Time

Is the time it takes a system to a given

input.

Ideally, one would like the response time

to be short, which possibly imposes

greater cost.

Computer processing power

Competing requirements

The value of a given level of response time

must be assessed versus the cost of

achieving that response time.


111

Element of Response Time

Workstation Network interface

(e.g. bridge)

ServerTO

TIWI

SI

SO

WOCPU

RT = response time

TI = inbound terminal delay

WI = inbound queuing time

SI = inbound service time

CPU = CPU processor delay

WO = outbound queuing time

SO = outbound service time

TO = outbound terminal delay

RT = TI + WI + SI + CPU + WO + SO + TO


112

Accuracy, Throughput and Utilization

Accuracy: Indication of faulty line,

noise and interference.

Throughput: Projected demand and

likely performance trouble spots.

Utilization: the percentage of time

that a resource is in use over a given

period of time.


113

Performance-Monitoring Function

Three components

Performance measurement

Performance analysis

Synthetic traffic generation

Typical Performance Measurement Reports

(detailed on P. 39 of text book)

Host communication matrix

Group communication matrix

Packet type histogram

Data packet size histogram

Throughput-utilization distribution

Packet interarrival time histogram

Channel acquisition delay histogram

Communication delay histogram

Collision count histogram

Transmission count histogram


114

Statistical Versus Exhaustive Measurement

When an agent in a node or an

external monitor is monitoring a

heavy load, it may not be pratical to

collect exhaustive data. The alternative is to treat each

parameter as a random variable and

sample the traffic stream in order to

estimate the value of the random

variable.


20/23

20


115

Fault Monitoring

The objective is to identify faults as

quickly as possible after they occur

and to identify the cause of the fault

so that remedial action may be taken.

Problems of Fault Monitoring:

Unobservalbe faults

Partially observable faults

Uncertainty in observation

Multiple potential causes

Too many related observtions

Interference between diagnosis and local

recovery procedures

Absence of automated testing tools


116

Fault-Monitoring Functions

To detect and report faults.

To report errors independently to

one or more managers.

To anticipate faults.

To isolate and diagnose the fault.


117

Accounting Monitor

To track users usage of network

resources.

To gather and maintain following

accounting data:

User identification

Receiver

Number of packets

Security level

Time stamps

Network status codes

Resources used:


118

Summary

The purpose of network monitoring is

to gather information about the status

and behavior of network elements.

Information to be gathered:

Static - configuration

Dynamic - events in the network

Statistical - summarization from dynamic

info.


119

Summary

Information may be collected actively, by

means of polling by the management

station, or passively, by means of event

reporting by the agents. The most important categories of

management information are

Availability

Response time

Accuracy

Throughput

Utilization


120

Network Control

To modify parameters, or configurations.

Mainly cover the last two major function

areas of network management:

Configuration management

Security management


21/23

21


121

Configuration Control

Covers initialization, maintenance and

shutdown of individual components and

logical subsystems within the total

configuration of computer and

communications resources of an installation.

Responsible for monitoring the configuration

and making changes in response to user

commands or other network management

functions.


122

Functions of Configuration Management

Define configuration information

Set and modify attribute values

Define and modify relationships

Initialize and terminate network operations

Distribute software

Examine values and relationships

Report on configuration status

Configuration-Control Configuration-Monitor


123

Define Configuration Information

Describes the nature and status of

resources of managed network.

Includes

Resources

Physical (end systems, routers, bridges and

communications media and service)

Logical (timers, counters and virtual circuits)

Attributes

Name, address, ID, states, operational

characteristics, software version number, etc.)


124

Set and Modify Attribute Vaules

Must be authorized.

Some attributes can not by modified

remotely.

Categories

Database update only

Database update + resource

modification

Database update + action


125

Define and Modify relationships

Describes an association,

connection or condition that exists

between network resources or

network components. Should allow on-line modification of

resources without taking all or part

of the network down.


126

Initialize and Terminate Network

Operations

Should include mechanisms to

enable users to initialize and close

down network or subnetwork

operation. Verification resources

Notification users

Validation

Retrieval of status information before

the termination.


22/23

22


127

Distribute Software

Synchronize the software on bothend systems and intermediatesystems.

Encompass tables and other datathat drive the behavior of a node.

Provide mechanisms to examine,update and manage different versionof software and routing information.


128

Security Control

Computer Security

Network Security

The security management deals with

the provision of both computer and

network security for the managed

resources, including management

itself.


129

Security Threats

Security requirements:

Secrecy

Integrity

Availability

Types of threats

Interruption

Interception

Modification

FabricationNorthwestern Polytechnic University

130

Computer System

Assets

Security Threats and Assets

Hardware Software

DataCommunication

Lines

modification

interception

(capture, analysis)

masquerade

interruption

(loss)

interruption

(theft, denial of service) interruption(deletion)interception

modification

modification

interception

(capture, analysis)

masquerade

interruption

(loss)


131

Threats to Networks

Passive threats

Interception (secrecy)

Release of

message contentsTraffic analysis

Active threats

Interruption

(availability)

Modification

(integrity)

Fabrication

(integrity)


132

Threats to the Network

Management System

User masquerade

Network manager masquerade

Interference with manager-agent

interchange


23/23


133

Security Management Functions

Maintain Security InformationSecure the information change between managersand agents.

Control Resource-Access Service

Access control involves authentication andauthorization services and decision to grant orrefuse access to the resources.

Control the Encryption Process

encrypt any exchanges between managers andagents, also design encryption algorithms andprovide key distribution.


134

Summary

Network control is concerned with altering

parameters of various components of the

configuration and causing predefined

actions to be preformed by these

components.

The responsibility of the network

management system is to coordinate and

control the security mechanisms built into

the configuration of networks and

systems under its management control.

Documents

Network Management week#1